FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

GnuTLS -- multiple vulnerabilities

Affected packages
gnutls < 2.6.6
gnutls-devel < 2.7.8

Details

VuXML ID b31a1088-460f-11de-a11a-0022156e8794
Discovery 2009-05-21
Entry 2009-08-17

SecurityFocus reports:

GnuTLS is prone to multiple remote vulnerabilities:

An attacker can exploit these issues to potentially execute arbitrary code, trigger denial-of-service conditions, carry out attacks against data signed with weak signatures, and cause clients to accept expired or invalid certificates from servers.

References

Bugtraq ID 34783
CVE Name CVE-2009-1415
CVE Name CVE-2009-1416
CVE Name CVE-2009-1417
URL http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3515
URL http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3516
URL http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3517